Vulnerability Database

Published: May 30, 2018
Updated: Nov 9, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2018-10939" target="_blank" rel="noopener"> CVE-2018-10939
Severity: Low
Exploit:

309,237

Total vulnerabilities in the database

Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group.

CVSS v2:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
zimbra / zimbra_collaboration_suite	8.8.8-p2	8.8.8-p2.x
synacor / zimbra_collaboration_suite	8.7.11-p1	8.7.11-p1.x
synacor / zimbra_collaboration_suite	8.7.11-p2	8.7.11-p2.x
synacor / zimbra_collaboration_suite	8.7.11-p3	8.7.11-p3.x
synacor / zimbra_collaboration_suite	8.8.8-p1	8.8.8-p1.x
synacor / zimbra_collaboration_suite	8.8.8-p3	8.8.8-p3.x
synacor / zimbra_collaboration_suite	8.7.0	8.7.11.x
synacor / zimbra_collaboration_suite	8.8.0	8.8.8.x

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.